Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/gTCMGlEBaJnK_2v-ik7gS35iBzs.roa
File: gTCMGlEBaJnK_2v-ik7gS35iBzs.roa (raw, json)
Hash identifier: QXJwtioFv7s2GD1uhn3oxTL2Gh369K9TIAfdIfeidBQ=
Subject key identifier: 81:30:8C:1A:51:01:68:99:CA:FF:6B:FE:8A:4E:E0:4B:7E:62:07:3B
Certificate issuer: /CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Certificate serial: 019678C1D2F2D3202CC9C8E31F4C4AEDA071
Authority key identifier: 29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/gTCMGlEBaJnK_2v-ik7gS35iBzs.roa
Signing time: Sun 27 Apr 2025 19:38:10 +0000
ROA not before: Sun 27 Apr 2025 19:38:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 5.10.222.0/24 maxlen: 24
185.23.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 09 May 2025 09:40:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:78:c1:d2:f2:d3:20:2c:c9:c8:e3:1f:4c:4a:ed:a0:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Validity
Not Before: Apr 27 19:38:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=81308c1a51016899caff6bfe8a4ee04b7e62073b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ec:3f:1f:5e:ca:ae:8a:11:7f:c3:29:30:54:
d2:75:42:22:c7:fc:7d:ec:9e:86:29:be:06:b7:3b:
f0:54:29:f8:45:0a:80:9a:e0:30:cb:bc:f3:ed:68:
27:8a:17:07:7f:5e:65:92:12:3a:1f:53:9e:68:83:
c8:91:8f:5b:26:54:38:8f:bb:05:77:7d:41:03:06:
50:55:56:11:37:b8:82:78:7e:e3:ea:bd:27:07:93:
b1:b7:96:b0:c0:cc:1a:55:0b:4a:a1:60:2e:45:f7:
e9:d8:f3:50:40:90:3d:39:af:fc:af:79:49:bb:16:
9b:d5:93:06:7c:7e:05:8c:89:6d:db:76:15:2a:c3:
0f:eb:c3:b4:72:fc:e6:e8:cf:29:66:d2:99:f8:7f:
88:ba:35:b8:80:a2:69:0f:cb:d2:c1:de:d9:dc:a9:
46:11:42:04:5b:c0:36:f8:05:d8:20:31:07:0e:a1:
06:68:1e:58:01:de:55:9e:b4:71:38:db:54:9e:f1:
8c:49:89:36:4f:06:5a:f2:e1:e7:fe:b3:05:97:d9:
9a:50:a6:b7:1d:ef:40:2b:82:00:2d:5c:c1:11:b2:
d3:dd:a5:2b:5a:07:d8:d8:12:50:f4:ed:2d:09:60:
09:bd:a7:ee:97:04:ee:29:f6:05:f3:e8:33:6a:c2:
03:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:30:8C:1A:51:01:68:99:CA:FF:6B:FE:8A:4E:E0:4B:7E:62:07:3B
X509v3 Authority Key Identifier:
keyid:29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/gTCMGlEBaJnK_2v-ik7gS35iBzs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/KX75vv0afiTAzJcpmH_AZda3Ey8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.222.0/24
185.23.239.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:23:f9:c3:42:16:5a:9e:02:47:61:91:a1:b6:ee:5a:7c:51:
3a:21:1e:89:c1:54:fe:d2:73:b0:eb:fc:d2:67:f1:1d:93:4b:
4e:5a:a2:e4:0f:3d:42:3d:be:f9:bd:2b:67:ba:2c:1f:68:ca:
86:20:48:82:2b:18:83:06:e9:22:f9:b7:1b:9c:f2:8e:30:97:
48:26:dd:e0:ce:61:9f:d2:2d:12:5a:54:8d:c6:0a:aa:6f:6e:
57:aa:3f:98:a7:17:e5:67:63:8a:a5:38:58:de:83:fc:09:ef:
49:8b:b7:8a:8e:48:6c:6a:03:8c:1d:77:56:fd:33:ef:d4:2c:
16:76:dd:ad:78:9b:aa:34:f2:7c:4e:f1:76:d0:90:4d:6b:28:
83:ec:c7:86:ae:09:ec:19:5d:b3:3d:83:60:15:49:3d:b5:b1:
28:ec:e3:d6:f0:b3:64:44:18:5c:e4:f3:17:c4:bf:0e:6a:87:
2b:20:d8:9d:ee:ba:23:f9:aa:35:2d:53:bf:b2:7a:3a:6a:67:
2f:75:4a:d4:3e:f6:40:3f:12:2b:fc:0d:7e:8e:d0:eb:1e:3e:
00:dc:5f:0e:73:fd:98:6f:19:ef:a2:dc:42:e7:ff:21:c2:b5:
65:12:cb:46:43:de:5a:c4:0a:11:92:bc:02:6f:5e:35:e2:87:
74:2c:a3:eb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZZ4wdLy0yAsycjjH0xK7aBxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2VmOWJlZmQxYTdlMjRjMGNjOTcyOTk4N2ZjMDY1ZDZi
NzEzMmYwHhcNMjUwNDI3MTkzODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTMwOGMxYTUxMDE2ODk5Y2FmZjZiZmU4YTRlZTA0YjdlNjIwNzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOw/H17KrooRf8MpMFTSdUIix/x9
7J6GKb4GtzvwVCn4RQqAmuAwy7zz7WgnihcHf15lkhI6H1OeaIPIkY9bJlQ4j7sF
d31BAwZQVVYRN7iCeH7j6r0nB5Oxt5awwMwaVQtKoWAuRffp2PNQQJA9Oa/8r3lJ
uxab1ZMGfH4FjIlt23YVKsMP68O0cvzm6M8pZtKZ+H+IujW4gKJpD8vSwd7Z3KlG
EUIEW8A2+AXYIDEHDqEGaB5YAd5VnrRxONtUnvGMSYk2TwZa8uHn/rMFl9maUKa3
He9AK4IALVzBEbLT3aUrWgfY2BJQ9O0tCWAJvafulwTuKfYF8+gzasIDVwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIEwjBpRAWiZyv9r/opO4Et+Ygc7MB8GA1UdIwQY
MBaAFCl++b79Gn4kwMyXKZh/wGXWtxMvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWIt
ZGVlNzY4NjAwMTNkLzEvZ1RDTUdsRUJhSm5LXzJ2LWlrN2dTMzVpQnpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWItZGVlNzY4NjAwMTNk
LzEvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABQreAwQA
uRfvMA0GCSqGSIb3DQEBCwUAA4IBAQBdI/nDQhZangJHYZGhtu5afFE6IR6JwVT+
0nOw6/zSZ/Edk0tOWqLkDz1CPb75vStnuiwfaMqGIEiCKxiDBuki+bcbnPKOMJdI
Jt3gzmGf0i0SWlSNxgqqb25Xqj+YpxflZ2OKpThY3oP8Ce9Ji7eKjkhsagOMHXdW
/TPv1CwWdt2teJuqNPJ8TvF20JBNayiD7MeGrgnsGV2zPYNgFUk9tbEo7OPW8LNk
RBhc5PMXxL8OaocrINid7roj+ao1LVO/sno6amcvdUrUPvZAPxIr/A1+jtDrHj4A
3F8Oc/2YbxnvotxC5/8hwrVlEstGQ95axAoRkrwCb1414od0LKPr
-----END CERTIFICATE-----
Generated at Fri Jun 6 17:44:18 2025 by rpki-client